Check list: for ICT
Users
|
 |
Does your company need a trigger for information security and related
organizational and technical decisions?
|
|
Do you want to increase corporate security awareness on individual
or all levels?
|
|
Does the corporate management or the management board understand
the relevance of information security? Do you want to increase management
and LoB sponsorship?
|
|
Do you have a coherent concept of how to communicate the value of
information security?
|
|
Do you know how much information security is appropriate for your
company? Are you aware of your business and IT risks – do you
have a standardized assessment system in place?
|
|
Are you able to assess and sort these risks by their relevance for
your company?
|
|
Do you want to set up an information security management system,
but in a form that is viable for your company?
|
|
Does the corporate management request you to provide a sound and
transparent basis for investment decisions regarding IT security solutions
and services? Do you know which solution standards are best practice?
|
|
Do you know which vendors can be involved to address specific issues
and how suitable they are for that purpose?
|
|
Which price can be justified for specific security solutions and
services? Do you pay reasonable prices – would you like to find
out the optimum cost/benefit ratio of IS investments?
|
